Skip navigation

Log in to create and rate content, and to follow, bookmark, and share content with other members.

000035776 - MetaCallback feeds do not support ranged indices (IP range or CIDR) in RSA Security Analytics 10.6

Document created by RSA Customer Support

on Nov 23, 2017•Last modified by RSA Customer Support

on Jan 6, 2018

Version 3Show Document

Like • Show 0 Likes0
Comment • 0
View in full screen mode

Article Content

Article Number	000035776
Applies To	RSA Product Set: NetWitness Logs & Packets, Security Analytics RSA Product/Service Type: Packet Decoder, Log Decoder, Content, Custom Feeds RSA Version/Condition: 10.6.x Platform: CentOS O/S Version: EL6
Issue	RSA Security Analytics does not support CIDR when the MetaCallback option is selected. Ranged indices are still required for feeds that only need ip.src or ip.dst, but not both.
Resolution	In 10.6.5, support is provided for MetaCallback feeds for CIDR on Decoder and Log Decoder devices using the existing custom feed advanced configuration wizard. To access the wizard, go to Live > Feeds, > Custom Feed > Advanced Configuration Wizard, and use the xml feed definition file. You can also upload xml and feed binary files using the REST interface with /decoder/parsers/upload.

Attachments

Outcomes

0 Comments

Recommended Content

Incoming Links

000035745 - RSA Security Analytics 10.6.5 Known Issues Master List